Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
Create an account
Join our community for free to access exclusive whitepapers, reports, and regulatory information.
Spain: AEPD fines Vodafone €48,000 for GDPR violations
The Spanish data protection authority ('AEPD') issued, on 28 February 2020, a resolution ('the Resolution') in proceedings PS/00212/2019, fining Vodafone ONO, S.A.U. €48,000 for violations of Article 32 of the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR'). In particular, the AEPD held that Vodafone’s negligent unintentional action in assigning two individuals the same security access code resulted in violations against Article 32 of the GDPR in failing to implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk. In addition, the Resolution notes that aggravating factors included, negligent unintentional action related to significant data that allow the identification of a person and the involvement of basic personal identifiers.
You can read the Resolution, only available in Spanish, here.
Send us your Feedback!
Please let us know what you think of DataGuidance! It will only take 60 seconds and help us make the site better for you.
